Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:15.5:Update
patchinfo.29247
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.29247
<patchinfo incident="29247"> <issue tracker="bnc" id="1205476">VUL-0: CVE-2022-40735: long exponents in Diffie-Hellman Key Agreement Protocol allow remote attackers to trigger expensive server-side DHE modular-exponentiation</issue> <issue tracker="bnc" id="1210714">VUL-0: CVE-2023-1255: openssl-3: Input buffer over-read in AES-XTS implementation on 64 bit ARM</issue> <issue tracker="bnc" id="1211430">VUL-0: CVE-2023-2650: openssl-3,openssl-1_1,compat-openssl098,openssl1,openssl-1_0_0,openssl: Possible DoS translating ASN.1 object identifiers</issue> <issue tracker="cve" id="2023-1255"/> <issue tracker="cve" id="2023-2650"/> <issue tracker="cve" id="2022-40735"/> <packager>ohollmann</packager> <rating>moderate</rating> <category>security</category> <summary>Security update for openssl-3</summary> <description>This update for openssl-3 fixes the following issues: - Update to version 3.0.8 (bsc#1207541). - CVE-2022-40735: Fixed remote trigger of expensive server-side DHE modular-exponentiation with long exponents in Diffie-Hellman Key Agreement Protocol (bsc#1205476). - CVE-2023-1255: Fixed input buffer over-read in AES-XTS implementation on 64 bit ARM (bsc#1210714). - CVE-2023-2650: Fixed possible DoS translating ASN.1 object identifiers (bsc#1211430). </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor